cobaltstrike | 4caeca58b238f4af41ff689c4f08ca74f89b27dcd754454dab7ab5175ce90d67 | Triage

Sharing

General

Target

4caeca58b238f4af41ff689c4f08ca74f89b27dcd754454dab7ab5175ce90d67
Size

110KB
Sample

240919-zff3fszcpr
MD5

4a2266d90102322826d32a0dc7d5edbd
SHA1

9c00d0495721206542663ac4a7c45a8cd12ef457
SHA256

4caeca58b238f4af41ff689c4f08ca74f89b27dcd754454dab7ab5175ce90d67
SHA512

c12090be3a8269b9a9d240ad643fdaf253422c33b0bc60f4454150bbb3feee41dfc48f74b28bc847abeba3d6e088b4912cc8c540f20c03e7fe25c0e999114fc4
SSDEEP

3072:EB1nFpIMGJbzgTUeIcYSlxp13SlbUYjdv:6FFp7GJzlcYS7Sj

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://172.26.218.210:11111/YAkX

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1)

Targets

- Target
  
  4caeca58b238f4af41ff689c4f08ca74f89b27dcd754454dab7ab5175ce90d67
- Size
  
  110KB
- MD5
  
  4a2266d90102322826d32a0dc7d5edbd
- SHA1
  
  9c00d0495721206542663ac4a7c45a8cd12ef457
- SHA256
  
  4caeca58b238f4af41ff689c4f08ca74f89b27dcd754454dab7ab5175ce90d67
- SHA512
  
  c12090be3a8269b9a9d240ad643fdaf253422c33b0bc60f4454150bbb3feee41dfc48f74b28bc847abeba3d6e088b4912cc8c540f20c03e7fe25c0e999114fc4
- SSDEEP
  
  3072:EB1nFpIMGJbzgTUeIcYSlxp13SlbUYjdv:6FFp7GJzlcYS7Sj
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan